B&R Industrial Automation Security Vulnerabilities

Lost And Found Information System 1.0 SQL Injection

...

Exploit for Improper Initialization in Linux Linux Kernel

CVE-2022-0847 The Dirty Pipe Vulnerability For educational...

CVE-2023-44387

Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to...

Exploit for OS Command Injection in Php

CVE-2024-4577: PHP CGI Argument Injection (XAMPP) 💀...

Exploit for CVE-2024-31982

CVE-2024-31982 CVEHunter tool for vulnerability detection and...

CVE-2022-1415

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the...

Exploit for CVE-2023-4596

CVE-2023-4596...

CVE-2023-4380

A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and...

CVE-2024-27322

Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted....

Exploit for CVE-2024-29269

🚀 CVE-2024-29269 Exploit This repository contains an exploit...

smartdoms.com Cross Site Scripting vulnerability OBB-3918577

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVE-2023-34262 Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.2.0 Product Security Update (Important) (RHSA-2022:6079)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6079 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers...

Rockwell Automation MicroLogix 1100 PLC < FRN 10.0 Authentication Mechanism DoS

The Rockwell Automation MicroLogix 1100 PLC integrated web server is a firmware version that is prior to FRN 10.0. It is, therefore, affected by a denial of service vulnerability due to a failure of the authentication mechanism to properly handle remote connections or commands. A remote attacker...

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

The remote host has the almaxcx.dll ActiveX control that is affected by an arbitrary file overwrite vulnerability that can be triggered by providing an absolute path when calling the control's Save() method in a specially crafted HTML...

Exploit for Untrusted Pointer Dereference in Microsoft

nullmap A very simple driver manual mapper based on my older...

kshs.org Cross Site Scripting vulnerability OBB-3918946

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5659

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device...

CVE-2023-34262 Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5758 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

Siemens Automation License Manager CVE-2012-4691 Denial of Service

The remote host has a version of Siemens Automation License Manager installed that is affected by an excessive memory consumption denial of service vulnerability that can be triggered by sending a specially crafted packet to the Automation Licensing Manager TCP service listening on port...

CVE-2023-32171 Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability

Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this...

CVE-2023-32171 Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability

Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:0733)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0733 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

Security Bulletin: Insecure XML parsing vulnerability affect IBM Business Automation Workflow - CVE-2014-0107, CVE-2022-34169

Summary IBM Business Automation Workflow reintroduced an outdated version of the Xalan library. Vulnerability Details ** CVEID: CVE-2014-0107 DESCRIPTION: **Apache Xalan-Java could allow a remote attacker to bypass security restrictions, caused by the improper handling of output properties. An...

Security Bulletin: IBM Event Streams is vulnerable to a cross-site request forgery due to the Axios component (CVE-2023-45857).

Summary IBM Event Streams is vulnerable to XSS vulnerability due to Axios component . Axios is a promise-based HTTP library that lets developers make requests to either their own or a third-party server to fetch data. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is...

RHEL 8 : ansible-runner (RHSA-2022:0108)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0108 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

CVE-2023-26053

Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a trusted-key or pgp element in their...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:6158)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6158 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

Jenkins plugins Multiple Vulnerabilities (2024-05-24)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: Jenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files,...

Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure

Atlassian Jira Server and Data Center before 8.5.8 and 8.6.0 through 8.11.1 are susceptible to information disclosure via the /secure/QueryComponent!Default.jspa endpoint. An attacker can view custom field names and custom SLA...

Exploit for Code Injection in Crushftp

CVE-2024-4040 A server side template injection vulnerability...

CVE-2023-45733

Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4693)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4693 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

CVE-2024-39291

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...

CVE-2022-21233

Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local...

CVE-2024-2425 Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. If exploited, the web server will crash and need a manual restart to recover...

[SECURITY] Fedora 39 Update: nextcloud-28.0.5-2.fc39

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. NextCloud is extendable via a simple but powerful API.....

[SECURITY] Fedora 40 Update: nextcloud-28.0.5-2.fc40

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. NextCloud is extendable via a simple but powerful API.....

CVE-2022-37341

Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-50222 Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit.....

Exploit for CVE-2023-33733

LAB Reportlab This lab was set up to...

CVE-2023-38575

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...

CVE-2023-42445

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local...

CVE-2023-39368

Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...

RuggedCom RuggedOS (ROS) Web-Based Admin Interface Detection

The remote device is running the RuggedCom RuggedOS (ROS) web-based administration...

Exploit for CVE-2024-4956

CVE-2024-4956 : Nexus Repository Manager 3 Dork: ...

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere Managed File Transfer

CVE-2023-0669 GoAnywhere MFT suffers from a...